Explore wasm based conventions #57
Description
The current approach to defining a convention is via a webhook to a remote process. While flexible, this approach introduces networks and misconfigurations that can affect system stability. We should also explore Wasm as a mechanism to run arbitrary code safely within the controller process. Conventions should be pure functions that don't need access to disk, network, or the system.
Open questions:
- how hard is it to run wasm code safely within a go process? Should we run in a non-go binary, like rust?
- can a poorly implemented convention cause a denial of service by crashing the controller?
- how do we get wasm executables to the controller? (inlined into the ClusterPodConvention resource?)
- what does it look like for a convention author to compile to wasm, what languages should we offer bindings for?